Patent · US Active

Suspicious packet detection device and suspicious packet detection method thereof

US11057403B2 · kind B2 · utility

0Cited by

8References

16Claims

0Family size

Assignee

INSTITUTE FOR INFORMATION INDUSTRY · TW

Inventors

Chi-Kuan Chiu · Taoyuan, TW
Hsiao-Hsien Chang · Taipei, TW
Te-En Wei · Taipei, TW

Key dates

Filing date	Nov 27, 2018
Grant date	Jul 6, 2021
Priority date	—
Expiry date	Mar 19, 2040

Classification

Technology area (CPC H)Electricity
CPC primaryH04L2463/144
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A suspicious packet detection device and a suspicious packet detection method thereof are provided. The suspicious packet detection device captures an HTTP packet transmitted from an internal network to an external network, and based on an HTTP header of the HTTP packet, determines that the HTTP packet belongs to one of a browser category and an application category and identifies the HTTP packet as one of a normal packet and a suspicious packet. When the HTTP packet is identified as the normal packet, the suspicious packet detection device further verifies whether the HTTP packet is the suspicious packet or not by comparing the HTTP header with relevance information or by using a URL classification model.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.